diff --git a/roles/ipa/server/files/configure-ipa.sh b/roles/ipa/server/files/configure-ipa.sh
index 0b62940a97..296796201f 100644
--- a/roles/ipa/server/files/configure-ipa.sh
+++ b/roles/ipa/server/files/configure-ipa.sh
@@ -8,15 +8,5 @@ trap cleanup EXIT
 
 echo $ADMIN_PASSWORD | kinit admin
 
-# Disallow all users to change their own settings
-ipa selfservice-find | grep "Self-service name:" | sed -e "s/  Self-service name: //" | \
-while read line
-do
-    echo "Removing $line"
-    ipa selfservice-del "$line"
-done
-
 # Disable default permissions so we don't break our privacy policy
 ipa permission-mod "System: Read User Addressbook Attributes" --bindtype=permission
-
-# TODO: Add custom permissions to grant specific access to user attributes